Washington – From Russia to Spain and from Mexico to Vietnam, cyberattacks targeted thousands of computers, especially in Europe. The unprecedented attack raised fears of electronic chaos after experts expressed their concerns that the virus might spread at the beginning of the work week as millions return to their jobs.
But it seems that government and European companies avoided most of the losses following the electronic attack by WannaCry, a ransomware, which locked up more than 200,000 computers in more than 150 countries.
Europol raised fears that the cyberattack that hit the National Health Service (NHS) services and global businesses “will continue to grow” as people return to work after the weekend. Senior spokesman for Europol, Jan Op Gen Oorth, later told AFP however: “The number of victims appears not to have gone up and so far the situation seems stable in Europe, which is a success.”
In a blog post on Sunday, Microsoft President Brad Smith stated that the ransomware attacked over 200,000 computers using a hacking tool that was built by the US National Security Agency (NSA) and leaked online in April.
“This is an emerging pattern in 2017,” Smith wrote. “We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world.”
He also debated that government intelligence services should balance their desire to keep software flaws secret, in order to conduct espionage and cyber warfare, against sharing those flaws with technology companies to better secure the internet.
“This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem,” Smith wrote. He added that governments around the world should “treat this attack as a wake-up call” and “consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits.”
He reiterated that governments need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world.
That is why, Microsoft called in February for a new “Digital Geneva Convention” to govern these issues, including a new requirement for governments to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them.
“It’s why we’ve pledged our support for defending every customer everywhere in the face of cyberattacks, regardless of their nationality,” Smith stressed.
Microsoft released patches last month and on Friday to fix a vulnerability that allowed the worm to spread across networks, a rare and powerful feature that caused infections to surge on Friday.
Code for exploiting that bug, which is known as “Eternal Blue,” was released on the internet last month by a hacking group known as the Shadow Brokers.
The pace of WannaCry slowed late on Friday, after the so-called “ransomware” locked up more than 100,000 computers, demanding owners pay to $300 to $600 get their data back.
French government cyber security agency ANSSI said on Monday carmaker Renault was not the only entity hit by the ransomware cyberattack at the end of last week and warned of other possible attacks soon.
“There are others,” Guillaume Poupard, head of the agency, ANSSI, said. The government body was working with the victims on recovery.
Businesses around the world scrambled on Saturday to prepare for a renewed cyberattack, convinced that a lull in a computer offensive that has stopped car factories, hospitals, schools and other organizations in around 100 countries was only temporary.
Poupard told Reuters that similar attacks are expected in the coming days and weeks.
“Attackers update their software … other attackers will learn from the method and will carry out attacks,” he warned.
Renault stopped production at several sites on Saturday to prevent the spread of a global cyber-attack that hit its computer systems.
British technology experts worked through the night to patch the computer systems of the health service after the ransomware worm forced dozens of hospitals to cancel some operations and appointments, Security Minister Ben Wallace said on Monday.
“The very nature of this particular malware, this sort of ransomware attack, is very potent because unlike more routine ones this one has used a sort of worm to exploit the operating system and bolted on a ransomware so that it spread incredibly quickly in hours not weeks or days,” Wallace explained.
Cyber security experts in the NHS worked alongside the National Cyber Security Center (NCSC), part of the GCHQ spy agency, to patch computer systems after the attack caused widespread problems on Friday, added the minister.
“They have been working I know through the night almost to make sure patches are in place to make sure that hopefully the NHS services can get back to normal,” he told BBC radio.
Wallace denied that underinvestment in the NHS may have left health services exposed to such attacks.
The British government said 48 of 248 health service trusts in England had been impacted by Friday’s attack.
According to King’s Fund think tank, Britain plans to spend about $155 billion on the Department of Health in 2017.
Europol director Rob Wainwright said he had been concerned for some time that the health service was not properly protected, unlike banks that put “a proper strategy in place”.
Wainwright expressed his fears that the virus could spread across other sectors with particular risks today as most workers return to their desks.
“At the moment we are in the face of an escalating threat, the numbers are going up, I am worried about how the numbers will continue to grow when people go to work and turn their machines on Monday morning,” he said.
The director explained that the case here is the exploitation of a flaw in the Microsoft operating systems.